125 research outputs found

    EM Injection: Fault Model and Locality

    EM injection recently emerged as an effective medium for fault injection. This paper presents an analysis of the IC susceptibility to EM pulses. It highlights that faults produced by EM pulse injection are not timing faults but correspond to a different model, which is presented in this paper. This model also makes it possible to explain experimental results introduced in former communications.

    Thoroughly analyzing the use of ring oscillators for on-chip hardware trojan detection

    With the globalization of the IC design flow, structural integrity verification to detect parasitic electrical activities has emerged as an important research domain for testing the genuineness of an Integrated Circuit (IC). Sensors like Ring Oscillators (RO) have been proposed to precisely monitor the internal behaviour of the ICs. In this paper we propose an experimental analysis of the impact of parasitic electrical activities on the frequencies of ROs and on the internal supply voltages measured. Our observations lead us to identify the limits of the usability of ROs for practical and embedded detection of Hardware Trojans.

    Extraction of intrinsic structure for Hardware Trojan detection

    Cryptology ePrint Archive: Report 2015/912. In this paper we present a novel solution to address the problem of potential malicious circuitry on FPGA. This method is based on a structure extraction technique which considers the infection of a whole lot. This structure is related to the design (place and route, power grid...) of the integrated circuits which compose the lot. In case of additional circuitry this design will be modified and the extracted structure will be affected. After developing the extraction techniques we present a methodology to insert detection of hardware trojans and counterfeits in different IC manufacturing steps. An application example using 30 FPGA boards then validates our extraction method. Finally, statistical tools are applied to the experimental results to distinguish a genuine lot from an infected one and confirm the detection potential of the extracted structure.

    A Method to Design Compact Dual-rail Asynchronous Primitives

    ISBN 978-3-540-29013-1. This paper aims at introducing a method to quickly design compact dual-rail asynchronous primitives. Although the proposed cells are dedicated to the design of dual-rail asynchronous circuits, it is also possible to use such primitives to design dual-rail synchronous circuits. The method detailed herein has been applied to develop the schematics of various basic primitives. The performance of the resulting 130nm cells has been simulated and compared with more traditional implementations.

    Near-field Mapping System to Scan in Time Domain the Magnetic Emissions of Integrated Circuits

    This paper introduces a low-cost near-field mapping system. This system scans automatically and dynamically, in the time domain, the magnetic field emitted by integrated circuits during the execution of a repetitive set of instructions. Application of this measurement system is given to an industrial chip designed with a 180nm CMOS process. This application demonstrates the efficiency of the system but also the helpfulness of the results obtained to identify paths followed by the current and to locate the potential IR drop zones.

    The EVIL Machine: Encode, Visualize and Interpret the Leakage

    Unsupervised side-channel attacks allow extracting secret keys manipulated by cryptographic primitives through leakages of their physical implementations. As opposed to supervised attacks, they do not require a preliminary profiling of the target, constituting a broader threat since they imply weaker assumptions on the adversary model. Their downside is their requirement for some a priori knowledge on the leakage model of the device. On one hand, stochastic attacks such as the Linear Regression Analysis (LRA) allow for a flexible a priori, but are mostly limited to a univariate treatment of the traces. On the other hand, model-based attacks require an explicit formulation of the leakage model but have recently been extended to multidimensional versions that can benefit from the potential of Deep Learning (DL) techniques. The EVIL Machine Attack (EMA), introduced in this paper, aims at taking the best of both worlds. Inspired by generative adversarial networks, its architecture is able to recover a representation of the leakage model, which is then turned into a key distinguisher allowing flexible a priori. In addition, state-of-the-art DL techniques require 256 network trainings to conduct the attack. EMA requires only one, scaling down the time complexity of such attacks by a considerable factor. Simulations and real experiments show that EMA is applicable in cases where the adversary has very low knowledge on the leakage model, while significantly reducing the required number of traces compared to a classical LRA. Finally, a generalization of EMA, able to deal with masked implementations, is introduced.

    Simulation and Experimental Demonstration of the Importance of IR-Drops During Laser Fault-Injection

    Laser fault injections induce transient faults into ICs by locally generating transient currents that temporarily flip the outputs of the illuminated gates. Laser fault injection can be anticipated or studied by using simulation tools at different abstraction levels: physical, electrical or logical. At the electrical level, the classical laser-fault injection model is based on the addition of current sources to the various sensitive nodes of CMOS transistors. However, this model does not take into account the large transient current components also induced between the VDD and GND of ICs designed with advanced CMOS technologies. These short-circuit currents provoke a significant IR-drop that contributes to the fault injection process. This paper describes our research on the assessment of this contribution. It shows through simulation and experiments that during laser fault injection campaigns, laser-induced IR-drop is always present when considering circuits designed with deep submicron technologies. It introduces an enhanced electrical fault model taking the laser-induced IR-drop into account. It also proposes a methodology that allows the use of the model to simulate laser-induced faults at the electrical level in large-scale circuits. On the basis of further simulations and experimental results, we found that, depending on the laser pulse characteristics, the number of injected faults may be underestimated by a factor of up to 2.4 if the laser-induced IR-drop is ignored. This could lead to incorrect estimations of the fault injection threshold, which is especially relevant to the design of countermeasure techniques for secure integrated systems.

    A Fully Integrated 32 nm MultiProbe for Dynamic PVT Measurements within Complex Digital SoC

    This paper deals with the design of a compact Process, Voltage and Temperature (PVT) probe architecture, in 32nm CMOS technology. The sensor, hereafter named MultiProbe, is composed of 7 different ring oscillators, each one presenting a particular sensitivity to PVT variations. The architecture allows MultiProbes to be chained, so that a single controller is needed. Simulation results exhibit the non-linear behavior of the ring oscillators under temperature and voltage variations as well as their particular behavior. Due to their small size, the MultiProbe blocks can be easily integrated within a complex digital SoC architecture.

    MAGNITUDE SQUARED COHERENCE BASED SCA

    Magnitude Squared Coherence is a signal processing tool that indicates how well two time domain signals match each other by tracking linear dependencies in their spectral decomposition. This paper introduces different ways of using the Magnitude Squared Coherence for Side Channel Analysis. This distinguisher has several advantages over well-known distinguishers.

    Impact of the variability of the timing characteristics of combinational and sequential cells on a digital operator

    One of the main benefits of shrinking transistor dimensions is increased yield. But today, with nanometer technologies, this reduction comes with a growing impact of manufacturing process variations on circuits, which can in turn cause that same yield to drop because specifications are not met. At the timing level, these effects amount to a higher probability of hold and setup time violations on flip-flops. As the main response to this problem, safety margins are constantly increased, leading to excessive pessimism and preventing effective optimization. This article proposes a more realistic study methodology based on the concept of statistical static timing analysis (SSTA) and the computation of violation probabilities. The results obtained on an arithmetic operator in 65 nm technology highlight the limitations of current techniques, the need to adopt other methods, and the benefit of using statistical tools for future technologies.